Smart contracts

Zepay runs on a small set of focused contracts on Sonic. These are the current mainnet contracts used by the app:

Sonic mainnet · USDC only

• UsernameRegistry 0x7348812573f62A241479516B8229FA2C03Fcb455

• AaveYieldProvider 0x7b611d83Dd6D4cA8FA3d86D1648ed7CE98B251a1

• SmartAccount Implementation 0xdc97B7453933575518C272cef2A4a8CEBFdfA732

• SmarAccountFactory 0xF611092795006311C6aee8Ab9430110ef41cfe4a

• PersonalVault Implementation 0xA2551558A5220097927097BCBa042dA7a9Ee4dc0

• PersonalVault Factory 0x0Be3D4437AEFF6D1a4c6Fd812186B668Df5A9a02

All of these are deployed as simple, verified contracts (no upgradeable proxy pattern) and none of them are designed to hold user funds directly.

UsernameRegistry

The UsernameRegistry maps human‑readable handles to SmartAccounts:

• @alice → 0xSmartAccount...

• @bob → 0xSmartAccount...

Safety properties:

• A handle can only be registered if it is free and the account does not already have a handle.

• Registration must be called by the SmartAccount itself (not an arbitrary EOA).

• The registry does not hold tokens – it only stores mappings and emits events.

Changing handles or hijacking an existing mapping is not possible through any admin function; there is no owner with special permissions.

SmartAccountFactory

The SmartAccountFactory is responsible for creating and computing the address of each user’s SmartAccount. It:

• Deploys a SmartAccount contract for each Privy EOA.

• Exposes a deterministic computeAccountAddress() function.

• Does not hold any user funds.

Once a SmartAccount is deployed, the factory has no control over it. All control flows through the account’s owner (your EOA).

PersonalVaultFactory

The PersonalVaultFactory deploys a vault per SmartAccount for Earn. Each vault:

• Is owned by a specific SmartAccount.

• Tracks principal deposited vs. current value.

• Applies a 10% performance fee on yield only (not on principal).

• Interacts with the AaveYieldProvider for deposits and withdrawals.

The factory itself has no ability to move funds out of any vault. It simply creates them and provides address derivation.

AaveYieldProvider

The AaveYieldProvider is the shared integration layer between PersonalVaults and Aave v3 on Sonic. It:

• Receives USDC from vaults and supplies it to Aave.

• Holds pooled aUSDC (Aave interest‑bearing USDC).

• Uses share‑based accounting (similar to ERC‑4626) to track each vault’s claim.

• Exposes deposit(), withdraw() and totalAssets() for vaults.

Design and safety highlight:

• No Ownable and no admin‑only funds withdrawal.

• No emergencyWithdraw function.

• Non‑reentrant deposit and withdraw functions.

• All yield is distributed pro‑rata via shares; no yield theft is possible.

The only way for funds to leave Aave is via withdraw() calls initiated by user vaults.